Solved

newly created DNS set up to automatically replicate with a dns server at remote site that it doesn't have a connection to

Posted on 2013-10-30
5
475 Views
Last Modified: 2013-10-30
We have a main site with 2 dns 2008r2 servers that replicate to dns/ad servers at remote sites and they have a vpn tunnel to every site.
There are tunnels built via cisco ASA between the sites, but there is not a tunnel between every site.
I added a new DNS to a remote site on server 2003. It automatically generated an NTDS Settings in AD sites and Services to replicated with our main server at the main site but also a dns at the remote site that it does not have a vpn tunnel to. Therefore I am getting replication errors.  I was always told to not mess with the automatically generated ones, so is it okay to delete this?
0
Comment
Question by:jtano
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39612178
You need to create AD sites and service topology as per physical connectvity.It seem you have hub and spoke topology.See below thread how to create the same.

http://social.technet.microsoft.com/Forums/windowsserver/en-US/c92ba0ed-4652-4098-bdcf-8b9f8803c9aa/site-link-bridge?forum=winserverDS
0
 

Author Comment

by:jtano
ID: 39612533
So on the new server I went under Inter site Tansports and under IP where my dafaultIPSITELINK is I clicked to add a new Site link and in this link just put the remote site rr and the main site cc in.  In the default site link I took out the remote rr so it won't try to replicate with the remote site V v. Now I just wait for it to replicate. Does this sound correct?
0
 

Author Comment

by:jtano
ID: 39612548
I guess I should ask if I disable the site link bridge do I need to manually set up the ones that are already replicating correctly ( it is enabled now) or doing the way I said above will that work okay without disabling?
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 39612840
Lets assume you have 4 site Site A/B/C/D and site A is hub site.So the topology will look like this

- Create site for all four site A,SiteB...
- Create site link a below(Add the two sites in each specific connector).
SiteA- SiteB
SiteA-SiteC
SiteA-SiteD
-Disable bridging:http://technet.microsoft.com/en-us/library/cc738789(v=ws.10).aspx
- Ensure that you also create subnets and map to specific.

Once done wait for replication kcc will create the required topology.If you have created any manual connection delete the same as it is not recommended.http://blogs.technet.com/b/markmoro/archive/2011/08/05/you-are-not-smarter-than-the-kcc.aspx
0
 

Author Comment

by:jtano
ID: 39613165
Okay. I was confused becuase it was alrady disabled for IP but it set up a replication to a server it can't reach?  I think its good now thanks for the links they were very helpful.
I set up a new link and deleted the bad one. At least its replicating now.
Thanks
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question